On Monday, June 19, 2017 at 1:27:46 AM UTC+3, Nick Lamb wrote:
> On Sunday, 18 June 2017 16:37:13 UTC+1, Eric Mill wrote:
> > One question though, is whether the key was compromised at the time of
> > intentionally shipping it in a distributed executable. That choice
> > knowingly exposed the key to arbitrary public users, even if they didn't
> > expect this to happen from doing so.
> Yes, the subscriber intentionally compromised this key when they implemented
> this decision. This was a foreseeable consequence. If they didn't foresee it,
> that's not because it wasn't foreseeable but because they're foolish. A
> reasonable person who understood what was going on here (public key
> cryptography, the purpose of certificates in the Web PKI) should have
> understood they were intentionally compromising their key.
You assume too much about a "reasonable person".
Yes, most developers understand PKI / key management to a point, but many
(many) just don't, or do and simply make the mistake of not thinking it
through, like many other software defects. Bottom line - could happen
dev-security-policy mailing list